A team of academics from the Ben-Gurion College of
the Negev in Israel has successfully created and tested malware that can
exfiltrate data from air-gapped PCs via power lines, and has
named the exfiltration technique PowerHammer.

The technique infects an air-gapped PC with malware that
deliberately alters CPU utilization levels, causing the victim's
PC to consume more or less electrical power.

Normally, a PC draws power from the local electrical
network in a uniform way; a PowerHammer attack creates variations in the
amount of power the victim's PC draws from the local electrical system.

This phenomenon is known as a "conducted
emission."

PowerHammer malware can encode binary data from a victim's PC
into the power consumption pattern by switching between high and
low power consumption levels.
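
For defenders, one host-side check that follows from this description is to look for CPU load that flips between two well-separated levels on a fixed clock. The sketch below is an added example, not code from the researchers or their paper; the function names, thresholds and sample traces are assumptions constructed for illustration, and it assumes utilization is sampled at a fixed interval.

```python
from statistics import mean

def run_lengths(bits):
    """Lengths of consecutive runs of equal values in a 0/1 sequence."""
    runs, count = [], 1
    for prev, cur in zip(bits, bits[1:]):
        if cur == prev:
            count += 1
        else:
            runs.append(count)
            count = 1
    runs.append(count)
    return runs

def looks_modulated(samples, min_gap=40.0, min_runs=8, min_symbol=3, tolerance=0.25):
    """Return True if a CPU-utilization trace (percent, fixed sampling interval)
    alternates between two well-separated levels in runs that are all close to
    integer multiples of one base duration. Thresholds are assumed defaults."""
    if len(samples) < 2:
        return False
    threshold = (max(samples) + min(samples)) / 2
    high = [s for s in samples if s >= threshold]
    low = [s for s in samples if s < threshold]
    if not low or mean(high) - mean(low) < min_gap:
        return False                      # no clear two-level structure
    # Drop the first and last runs: they may be cut off by the capture window.
    runs = run_lengths([int(s >= threshold) for s in samples])[1:-1]
    if len(runs) < min_runs or min(runs) < min_symbol:
        return False                      # too few switches, or just sample noise
    base = min(runs)
    return all(abs(r / base - round(r / base)) <= tolerance for r in runs)

# Constructed traces (not measurements): one sample per fixed interval, in percent.
CONSTRUCTED_BITS = [1, 0, 1, 1, 0, 0, 1, 0, 1, 0, 1, 1, 0, 1, 0]
MODULATED = [93 if b else 6 for b in CONSTRUCTED_BITS for _ in range(5)]
STEADY = [31, 35, 28, 40, 33, 29, 37, 34, 30, 36] * 6
BURSTY = [lvl for i, n in enumerate([4, 3, 7, 4, 11, 3, 8, 5, 13, 3, 6, 4])
          for lvl in [90 if i % 2 == 0 else 10] * n]

if __name__ == "__main__":
    for name, trace in [("modulated", MODULATED), ("steady", STEADY), ("bursty", BURSTY)]:
        print(name, looks_modulated(trace))
```

A regular two-level pattern is only a signal to investigate, since legitimate batch jobs can also produce clocked load.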

PowerHammer attacks come in two kinds:

The first is "line level power-hammering,"
which happens when the attacker manages to tap the power cable
between the air-gapped PC and the electrical socket.

The second is "phase level
power-hammering." This variant of the attack happens when the attacker
taps the power lines at the phase level, in a building's electrical
panel. This version of the attack is stealthier but can recover
data at just 10 bits/second, primarily because of the higher amount of
"noise" at the power line phase level.

The two variants also have different
exfiltration speeds.

Experiments revealed that the attack is effective for stealing
data from air-gapped desktops, PCs, servers, and even IoT devices,
though the exfiltration speed is slower for the latter. Further
observation showed that the exfiltration speed improves the more
cores a CPU has.

The research centre at the Ben-Gurion College of
the Negev that came up with this new data exfiltration technique has a long
history of innovative hacks, all listed below:

LED-it-Go - exfiltrate data from air-gapped systems via an HDD's activity LED
SPEAKE(a)R - use headphones to record audio and spy on nearby users
9-1-1 DDoS - launch DDoS attacks that can cripple a US state's 911 emergency systems
USBee - make a USB connector's data bus give out electromagnetic emissions that can be used to exfiltrate data
AirHopper - use the local GPU card to emit electromagnetic signals to a nearby mobile phone, also used to steal data
Fansmitter - steal data from air-gapped PCs using sounds emanated by a computer's GPU fan
DiskFiltration - use controlled read/write HDD operations to steal data via sound waves
BitWhisper - exfiltrate data from non-networked computers using heat emanations
Unnamed attack - uses flatbed scanners to relay commands to malware infested PCs or to exfiltrate data from compromised systems
xLED - use router or switch LEDs to exfiltrate data
Shattered Trust - using backdoored replacement parts to take over smart phones
aIR-Jumper - use security camera infrared capabilities to steal data from air-gapped networks
HVACKer - use HVAC systems to control malware on air-gapped systems
MAGNETO & ODINI - steal data from Faraday cage-protected systems
MOSQUITO - steal data from PCs using speakers and headphones

Mitigations and more
details for the technically inclined users are available in the research team's
paper, entitled: